package com.tulele.vtool.config;

//屏蔽于 20200204 统一使用nginx 做ssl
//@Configuration
//public class TomcatHttpsConfig {
//
//    @Value("${custom.tomcat.https.port}")
//    private int httpsPort;
//
//    @Value("${custom.tomcat.https.keystore_file}")
//    private String keystoreFile;
//
//    @Value("${custom.tomcat.https.keystore_type}")
//    private String keystoreType;
//
//    @Value("${custom.tomcat.https.keystore-password}")
//    private String keystorePass;
//
//    @Value("${custom.tomcat.https.maxConnections}")
//    private int maxConnections;
//
//    @Value("${custom.tomcat.https.maxThreads}")
//    private int maxThreads;
//
//    @Value("${custom.tomcat.https.acceptCount}")
//    private int acceptCount;
//
//    @Value("${custom.tomcat.https.minSpareThreads}")
//    private int minSpareThreads;
//
//    @Bean
//    public ServletWebServerFactory servletContainer() {
//        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
//        tomcat.addAdditionalTomcatConnectors(createSslConnector());
//        return tomcat;
//    }
//
//    private Connector createSslConnector() {
//        Connector connector = new Connector("org.apache.coyote.http11.Http11Nio2Protocol");
//        Http11Nio2Protocol protocol = (Http11Nio2Protocol) connector.getProtocolHandler();
//        try {
//            File keystore = new FileUrlResource(keystoreFile).getFile();
//
//            connector.setScheme("https");
//            connector.setSecure(true);
//            connector.setPort(httpsPort);
//
//            protocol.setSSLEnabled(true);
//            protocol.setKeystoreFile(keystore.getAbsolutePath());
//            protocol.setKeystorePass(keystorePass);
//            protocol.setKeystoreType(keystoreType);
//            protocol.setClientAuth("false");
//            protocol.setSSLProtocol("TLSv1+TLSv1.1+TLSv1.2");
//            protocol.setCiphers("TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256");
//
//            //Tomcat优化
//            protocol.setMaxConnections(maxConnections);
//            protocol.setMaxThreads(maxThreads);
//            protocol.setAcceptCount(acceptCount);
//            protocol.setMinSpareThreads(minSpareThreads);
//
//            return connector;
//        }
//        catch (IOException ex) {
//            throw new IllegalStateException("can't access keystore: [" + "keystore"
//                    + "] or truststore: [" + "keystore" + "]", ex);
//        }
//    }
//}
